zkparty / trusted-setup-frontend

The KZG Ceremony web browser implementation
https://ceremony.ethereum.org

When signing in with Ethereum, verify that the account and network are correct #54

Closed glamperd closed 1 year ago

glamperd commented 1 year ago

The account used to ECDSA sign the contribution message must be the same as is used to sign in. This must be actively verified before requesting the ECDSA signature, i.e., the account selected in Metamask (or other browser wallet) must be the same as used for SIWE. Also, the network selected in the wallet must be Ethereum mainnet. If possible, request a change to the network if it's not correctly set.
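Added example of the pre-signature check described in this issue (it is not the project's code): compare the wallet's active account with the SIWE-authenticated address, require Ethereum mainnet, and ask the wallet to switch via EIP-3326 `wallet_switchEthereumChain` if it is elsewhere. It assumes an EIP-1193 provider such as `window.ethereum`; `FakeProvider` is a constructed stand-in so the check runs offline.

```javascript
const MAINNET_CHAIN_ID = '0x1';
// Hex chain ids may come back as '0x1' or '0x01'; compare numerically.
function isMainnet(chainId) {
  return Number.parseInt(chainId, 16) === 1;
}

// Run this immediately before requesting the ECDSA signature, so a wallet
// account switched after sign-in cannot sign the contribution with another key.
async function verifyWalletMatchesSiwe(provider, siweAddress) {
  const accounts = await provider.request({ method: 'eth_accounts' });
  const active = (accounts[0] || '').toLowerCase();
  if (!active || active !== siweAddress.toLowerCase()) {
    return { ok: false, reason: 'account-mismatch', account: active };
  }
  let chainId = await provider.request({ method: 'eth_chainId' });
  if (!isMainnet(chainId)) {
    try { // EIP-3326: ask the wallet to switch to mainnet; the user may refuse.
      await provider.request({
        method: 'wallet_switchEthereumChain',
        params: [{ chainId: MAINNET_CHAIN_ID }],
      });
    } catch (err) {
      return { ok: false, reason: 'switch-rejected', chainId };
    }
    // Re-read instead of trusting the switch call's resolution.
    chainId = await provider.request({ method: 'eth_chainId' });
    if (!isMainnet(chainId)) {
      return { ok: false, reason: 'wrong-network', chainId };
    }
  }
  return { ok: true, account: active, chainId };
}

// Constructed stand-in for a browser wallet so the check runs without MetaMask.
class FakeProvider {
  constructor(accounts, chainId, allowSwitch = true) {
    Object.assign(this, { accounts, chainId, allowSwitch });
  }
  async request({ method, params }) {
    switch (method) {
      case 'eth_accounts': return this.accounts;
      case 'eth_chainId': return this.chainId;
      case 'wallet_switchEthereumChain':
        if (!this.allowSwitch) throw new Error('User rejected the request.');
        this.chainId = params[0].chainId;
        return null;
      default: throw new Error(`unsupported method ${method}`);
    }
  }
}
```

In the real page, `provider` would be `window.ethereum` (or the WalletConnect provider), and a `{ ok: false }` result should block the signature request rather than just warn.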

pettinarip commented 1 year ago

Correct, apart from verifying the account & chain, I think we should offer the same wallet connection experience as in the OIDC provider. E.g. if the user decides to connect with WalletConnect then we should show that wallet option on our side as well.

FWIW they are using https://github.com/spruceid/siwe-web3modal

NicoSerranoP commented 1 year ago

I am trying to achieve a generic EIP-712 sign message to do the ECDSA signatures with all the wallet connect providers.

It is currently in branch nico-ecdsa-other-providers. I would try to integrate the web3 modal.

So far, I read that not all wallet connect providers (e.g. Exodus) have the EIP-712 sign feature.

NicoSerranoP commented 1 year ago

52 is related to it :)

NicoSerranoP commented 1 year ago

The problem is with the external OIDC. I just published an issue in their repo: https://github.com/spruceid/siwe-oidc/issues/41